Scribd
Upload
27 views29 pages

Lec12 IPv4 Addressing

Uploaded by

samerksa900
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
27 views29 pages

Lec12 IPv4 Addressing

Uploaded by

samerksa900
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 29

LEC12: IPV4 ADDRESSING

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1
IPv4 Address Structure: Network and Host Portions
• This chapter covers how to segment a network into subnets.
• An IPv4 address is a 32-bit hierarchical address that is made up of a network portion and
a host portion.
• When determining the network portion versus the host portion, you must look at the
32-bit stream.
• The bits in the network portion of the address must be identical for all devices that reside
in the same network. The bits in the host portion of the address must be unique to identify
a specific host within a network. If two hosts have the same bit pattern in the specified
network portion of the 32-bit stream, those two hosts reside in the same network.
• A subnet mask is used to determine the network and host portions.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 2
IPv4 Address Structure: The Subnet Mask
• Assigning an IPv4 address to a host
requires:
• IPv4 address: This is the unique
IPv4 address of the host.
• Subnet mask: This is used to
identify the network/host portion of
the IPv4 address
• To identify the network and host portions
of an IPv4 address, the subnet mask is
compared to the IPv4 address bit for bit, • The network address represents all the
from left to right. devices on the same network.
• The actual process used to identify the
network and host portions is called
ANDing.
• The IPv4 subnet mask is used to
differentiate the network portion from the
host portion of an IPv4 address. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 3
IPv4 Address Structure: The Prefix Length
• A prefix length is a less cumbersome method used to identify a subnet mask address.
Prefix
• The prefix length is the number of Subnet Mask 32-bit Address
Length
bits set to 1 in the subnet mask. It 255.0.0.0 11111111.00000000.00000000.00000000 /8
is written in “slash notation,” with a
255.255.0.0 11111111.11111111.00000000.00000000 /16
forward slash (/) followed by the
number of bits set to 1. 255.255.255.0 11111111.11111111.11111111.00000000 /24
• Therefore, count the number of bits 255.255.255.128 11111111.11111111.11111111.10000000 /25
in the subnet mask and prepend it
with a slash. 255.255.255.192 11111111.11111111.11111111.11000000 /26

• When representing an IPv4 255.255.255.224 11111111.11111111.11111111.11100000 /27


address using a prefix length, the 255.255.255.240 11111111.11111111.11111111.11110000 /28
IPv4 address is written followed
by the prefix length with no 255.255.255.248 11111111.11111111.11111111.11111000 /29

spaces. For example, 192.168.10.10 255.255.255.252 11111111.11111111.11111111.11111100 /30


255.255.255.0 would be written as
192.168.10.10/24.
A network address is also referred to as a prefix
or network prefix. Therefore, the prefix length is
the number of 1 bits in the subnet mask.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 4
IPv4 Address Structure: Determining the Network: Logical AND
• A logical AND Boolean operation is used in determining the network address.
• Logical AND is the comparison of two bits where only a 1 AND 1 produces a 1 and any other
combination results in a 0.
• 1 AND 1 = 1, 0 AND 1 = 0, 1 AND 0 = 0, 0 AND 0 = 0
• 1 = True and 0 = False (When using an AND operation, both input values must be true (1) for the
result to be true (1).)

• To identify the network address of


an IPv4 host, the host IPv4 address is
logically ANDed, bit by bit, with the
subnet mask. Thus, ANDing between
the address and the subnet mask
yields the network address.

In this example, the AND operation between the host address 192.168.10.10
and the subnet mask 255.255.255.0 (/24), results in the IPv4 network address
192.168.10.0/24. This is an important IPv4 operation, as it tells the host what
network it belongs to. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 5
IPv4 Address Structure:Network, Host, and Broadcast Addresses
• Within each network are three types of IP addresses:
• Network address: which is an address that represents a specific network. A host determines its network address by performing an
AND operation between its IPv4 address and its subnet mask. The network address has all 0 bits in the host portion, as determined by
the subnet mask. In this example, the network address is 192.168.10.0/24. A network address cannot be assigned to a device.
• Host addresses: are addresses that can be assigned to devices such as host computers, laptops, smartphones, routers, and so on. The
host portion of the address is the bits indicated by 0 bits in the subnet mask. A host address can have any combination of bits
in the host portion except for all 0 bits (which would be a network address) or all 1 bits (which would be a broadcast
address). All devices in the same network must have the same subnet mask and the same network bits. Only the host bits
differ and must be unique.
• Broadcast address: is an address that is used to reach all devices on the IPv4 network. The network broadcast address has all 1 bits
in the host portion, as determined by the subnet mask. In this example, the network address is 192.168.10.255/24. A broadcast
address cannot be assigned to a device.
Host
Network Portion Host Bits
Portion
Subnet mask 255 255 255 0
255.255.255.0 or /24 11111111 11111111 11111111 00000000
Network address 192 168 10 0
All 0s
192.168.10.0 or /24 11000000 10100000 00001010 00000000
First address 192 168 10 1
All 0s and a 1
192.168.10.1 or /24 11000000 10100000 00001010 00000001
Last address 192 168 10 254
All 1s and a 0
192.168.10.254 or /24 11000000 10100000 00001010 11111110
Broadcast address 192 168 10 255
All 1s
192.168.10.255 or /24 11000000 10100000 00001010 11111111
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 6
IPv4 Unicast, Broadcast, and Multicast: Unicast
• Unicast transmission is sending a packet to one destination IP address in one-to-one
communications.
• A unicast packet has a destination IP address that is a unicast address, which goes to a single
recipient.
• A unicast packet has a destination IP address that is a unicast address, which goes to a single
recipient. A source IP address can only be a unicast address because the packet can only originate
from a single source— regardless of whether the destination IP address is a unicast, broadcast, or
multicast address.
• For example, the PC at 172.16.4.1 sends a unicast packet to the printer at 172.16.4.253.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 7
IPv4 Unicast, Broadcast, and Multicast: Broadcast
• Broadcast transmission is sending a packet to all other destination IP addresses in one-to-all
communications.
• A broadcast packet has a destination IP address with all 1s in the host portion, or 32 1 bits.
• Note: IPv4 uses broadcast packets. However, there are no broadcast packets with IPv6.
• For example, the PC at 172.16.4.1 sends a broadcast packet to all IPv4 hosts.
• A broadcast packet must be processed by all devices in the same broadcast domain. A broadcast domain
identifies all hosts on the same network segment.
• A broadcast may be directed or limited. A directed broadcast is sent to all hosts on a specific network.
For example, say that a host on the 172.16.4.0/24 network sends a packet to 172.16.4.255. A limited
broadcast is sent to 255.255.255.255. By default, routers do not forward broadcasts

• In addition to the 255.255.255.255 broadcast address, there is a


broadcast IPv4 address for each network.
• This address, called a directed broadcast, uses the highest address in
the network, which is the address where all the host bits are 1s. For
example, the directed broadcast address for 192.168.1.0/24 is
192.168.1.255.
• This address allows communication to all the hosts in that network. To
send data to all the hosts in a network, a host can send a single packet
that is addressed to the broadcast© 2016
address
Cisco and/or itsof the
affiliates. network.
All rights reserved. Cisco Confidential 8
IPv4 Unicast, Broadcast, and Multicast: Multicast
• Multicast transmission is sending a packet to a multicast address group (allowing a host to
send a single packet to a selected set of hosts that subscribe to a multicast group).
• A multicast packet is a packet with a destination IP address that is a multicast address.
IPv4 has reserved the 224.0.0.0 to 239.255.255.255 addresses as a multicast range.
• Each multicast group is represented by a single IPv4 multicast destination address. When
an IPv4 host subscribes to a multicast group, the host processes packets addressed to this
multicast address and packets addressed to its uniquely allocated unicast address.
• For example, the PC at 172.16.4.1 sends a multicast packet to the multicast group address
224.10.10.5.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 9
Types of IPv4 Addresses: Public and Private IPv4 Addresses
• As defined in in RFC 1918, public IPv4 addresses are globally routed between internet
service provider (ISP) routers.
• Private addresses are common blocks of
addresses used by most organizations to assign
IPv4 addresses to internal hosts.
Network Address
• The private IPv4 addresses in this Table were and Prefix
RFC 1918 Private Address Range
introduced to deal with the depletion of IPv4
10.0.0.0/8 10.0.0.0 - 10.255.255.255
address space.
• Private IPv4 addresses are not unique and can 172.16.0.0/12 172.16.0.0 - 172.31.255.255

be used internally within any network. 192.168.0.0/16 192.168.0.0 - 192.168.255.255


• However, private addresses are not globally
routable

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 10
Types of IPv4 Addresses: Routing to the Internet
• Most internal networks, use private IPv4 addresses for addressing all internal devices (in intranets),
including hosts and routers. However, private addresses are not globally routable.
• Network Address Translation (NAT) translates private IPv4 addresses to public IPv4 addresses.

• Customer networks 1, 2, and


• NAT is typically
3 are sending packets enabled on the edge
outside their internal router (the router that
networks. These packets connects the internal
have a source IPv4 address network to the ISP
that is a private address and network connecting to
a destination IPv4 address the internet.)
that is public (globally
routable).
• It translates the internal
• Packets with private private address to a
addresses must be filtered public global IP address.
(discarded) or have their
addresses translated to
public addresses before
being forwarded to an ISP.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 11
Types of IPv4 Addresses: Special Use IPv4 Addresses
Certain addresses, such as the network address and
broadcast address, cannot be assigned to hosts. In
addition, special addresses can be assigned to hosts but
with restrictions on how those hosts can interact within
the network.
Loopback addresses
• 127.0.0.0 /8 (127.0.0.1 to 127.255.255.254)
• Commonly identified as only 127.0.0.1
• is a special address that a host uses to direct traffic
to itself (Used on a host to test if TCP/IP is Notice how the 127.0.0.1 loopback
operational. address replies to the ping
command
Link-Local addresses
• 169.254.0.0 /16 (169.254.0.1 to 169.254.255.254)
• Commonly known as the Automatic Private IP Addressing (APIPA) addresses or self-
assigned addresses.
• Used by Windows DHCP(Dynamic Host Configuration Protocol) clients to self-configure
when no DHCP servers are available. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 12
Types of IPv4 Addresses: Legacy Classful Addressing
•Class D
RFC 790 (1981) allocated IPv4 addresses in
(224.0.0.0 to
classes (The RFC divided the unicast ranges
239.0.0.0)
into specific classes) as follows:
• Class A (0.0.0.0/8 to 127.0.0.0/8): Designed •Class E
to support extremely large networks with (240.0.0.0 –
more than 16 million host addresses. Class 255.0.0.0)
A used a fixed /8 prefix with the first octet to
indicate the network address and the
remaining three octets for host addresses • Class C (192.0.0.0/24 to 223.255.255.0/24):
(for more than 16 million host addresses per
Designed to support small networks with a
network).
maximum of 254 hosts. Class C used a fixed
• Class B (128.0.0.0/16 to 191.255.0.0/16): /24 prefix with the first three octets to indicate
Designed to support the needs of moderate the network and the remaining octet for the
to large networks with up to approximately host addresses (for only 254 host addresses
65,000 host addresses. Class B used a fixed per network).
/16 prefix with the two high-order octets to • Classful addressing wasted many IPv4
indicate the network address and the addresses.
remaining two octets for host addresses (for • Classful address allocation was replaced with
more than 65,000 host addresses per classless addressing which ignores the rules of
network). classes (A, B, C).
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 13
Network Segmentation: Broadcast Domains and Segmentation
• In an Ethernet LAN, devices use broadcasts and Address Resolution Protocol (ARP) to locate
other devices. ARP sends Layer 2 broadcasts to a known IPv4 address on the local network to
discover the associated MAC address.
• Devices on Ethernet LANs also locate other devices using services. A host typically acquires its
IPv4 address configuration by using the Dynamic Host Configuration Protocol (DHCP), which
sends broadcasts on the local network to locate a DHCP server.
• Switches propagate broadcasts out all interfaces except the interface on which it was received.

• The only device that stops


broadcasts is a router.
• Routers do not propagate
broadcasts.
• Each router interface connects
to a broadcast domain and
broadcasts are only
propagated within that specific
broadcast domain.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 14
Network Segmentation: Problems with Large Broadcast Domains
• A problem with a large broadcast domain is that
these hosts can generate excessive
broadcasts and negatively affect the network
(results in slow network operations and also in
slow device operations because a device must
accept and process each broadcast packet).

• The solution is to reduce the size of the


network to create smaller broadcast domains
in a process called subnetting. (These smaller
network spaces are called subnets)

• Dividing the network address 172.16.0.0 /16 into


two subnets of 200 users each: 172.16.0.0 /24
and 172.16.1.0 /24.
• Broadcasts are only propagated within the broadcast in LAN 1 would
smaller broadcast domains. not propagate to LAN 2.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 15
Network Segmentation:Reasons for Segmenting Networks
• Subnetting reduces overall network traffic and improves network performance.
• It can be used to implement security policies between subnets.
• Subnetting reduces the number of devices affected by abnormal broadcast traffic.

• Subnets are used for a variety of reasons including by:

Location Group or Function Device Type

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 16
Subnet an IPv4 Network: Subnet on an Octet Boundary
• IPv4 subnets are created by using one or more of the host bits as network bits. This process
involves extending the subnet mask to borrow some of the bits from the host portion of the
address to create additional network bits. The more host bits that are borrowed, the more subnets
that can be defined. The more bits that are borrowed to increase the number of subnets, the lower
the number of hosts per subnet.
• Networks are most easily subnetted at the octet boundary of /8, /16, and /24.
• Notice that using longer prefix lengths decreases the number of hosts per subnet.

Prefix Length Subnet Mask Subnet Mask in Binary (n = network, h = host) # of hosts

nnnnnnnn.hhhhhhhh.hhhhhhhh.hhhhhhhh
/8 255.0.0.0 11111111.00000000.00000000.00000000
16,777,214

nnnnnnnn.nnnnnnnn.hhhhhhhh.hhhhhhhh
/16 255.255.0.0 11111111.11111111.00000000.00000000
65,534

nnnnnnnn.nnnnnnnn.nnnnnnnn.hhhhhhhh
/24 255.255.255.0 11111111.11111111.11111111.00000000
254

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 17
Subnet an IPv4 Network: Subnet on an Octet Boundary
• Consider the following example: Say that an enterprise has chosen the private
address 10.0.0.0/8 as its internal network address. That network address can connect
16,777,214 hosts in one broadcast domain. Obviously, having more than 16 million
hosts on a single subnet is not ideal.
• The enterprise could further subnet the 10.0.0.0/8 address at the octet boundary /16.
This would enable the enterprise to define up to 256 subnets (that is, 10.0.0.0/16 to
10.255.0.0/16), and each subnet would be capable of connecting 65,534 hosts.
Notice that the first two octets identify the network portion of the address,
whereas the last two octets are for host IP addresses.
• Alternatively, the enterprise could choose to subnet the 10.0.0.0/8 network at the /24
octet boundary. This would enable the enterprise to define 65,536 subnets, each
capable of connecting 254 hosts.
• The /24 boundary is very popular in subnetting because it accommodates a
reasonable number of hosts and conveniently subnets at the octet boundary.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 18
Subnet an IPv4 Network: Subnet on an Octet Boundary (Cont.)
• In the first table 10.0.0.0/8 is subnetted using /16 and in the second table, a /24 mask.
Subnet Address Host Range Subnet Address
(256 Possible (65,534 possible hosts per Broadcast Host Range
(65,536 Possible Broadcast
Subnets) subnet) (254 possible hosts per subnet)
Subnets)
10.0.0.0/16 10.0.0.1 - 10.0.255.254 10.0.255.255 10.0.0.0/24 10.0.0.1 - 10.0.0.254 10.0.0.255

10.1.0.0/16 10.1.0.1 - 10.1.255.254 10.1.255.255 10.0.1.0/24 10.0.1.1 - 10.0.1.254 10.0.1.255


10.0.2.0/24 10.0.2.1 - 10.0.2.254 10.0.2.255
10.2.0.0/16 10.2.0.1 - 10.2.255.254 10.2.255.255
… … …
10.3.0.0/16 10.3.0.1 - 10.3.255.254 10.3.255.255
10.0.255.0/24 10.0.255.1 - 10.0.255.254 10.0.255.255
10.4.0.0/16 10.4.0.1 - 10.4.255.254 10.4.255.255 10.1.0.0/24 10.1.0.1 - 10.1.0.254 10.1.0.255
10.5.0.0/16 10.5.0.1 - 10.5.255.254 10.5.255.255 10.1.1.0/24 10.1.1.1 - 10.1.1.254 10.1.1.255

10.6.0.0/16 10.6.0.1 - 10.6.255.254 10.6.255.255 10.1.2.0/24 10.1.2.1 - 10.1.2.254 10.1.2.255


… … …
10.7.0.0/16 10.7.0.1 - 10.7.255.254 10.7.255.255
10.100.0.0/24 10.100.0.1 - 10.100.0.254 10.100.0.255
... ... ...
... ... ...
10.255.0.0/16 10.255.0.1 - 10.255.255.254 10.255.255.255 10.255.255.0/24 10.255.255.1 - 10.2255.255.254 10.255.255.255
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 19
Subnet an IPv4 Network: Subnet within an Octet Boundary
• Subnets can borrow bits from any host bit position to create other masks.
• For instance, a /24 network address is commonly subnetted using longer prefixes by
borrowing bits from the fourth octet.
• Refer to the table to see six ways to subnet a /24 network.
• For each bit borrowed from the fourth octet, the number of subnetworks available is
doubled, and the number of host addresses per subnet is reduced. For example:
Subnet Mask in Binary # of
Prefix Length Subnet Mask # of hosts • /25 row: Borrowing 1 bit
(n = network, h = host) subnets
nnnnnnnn.nnnnnnnn.nnnnnnnn.nhhhhhhh
from the fourth octet
/25 255.255.255.128 11111111.11111111.11111111.10000000 2 126 creates 2 subnets
nnnnnnnn.nnnnnnnn.nnnnnnnn.nnhhhhhh supporting 126 hosts
/26 255.255.255.192 4 62
11111111.11111111.11111111.11000000 each.
nnnnnnnn.nnnnnnnn.nnnnnnnn.nnnhhhhh
/27 255.255.255.224 11111111.11111111.11111111.11100000 8 30
• /26 row: Borrowing 2 bits
nnnnnnnn.nnnnnnnn.nnnnnnnn.nnnnhhhh
/28 255.255.255.240 11111111.11111111.11111111.11110000 16 14 creates 4 subnets
nnnnnnnn.nnnnnnnn.nnnnnnnn.nnnnnhhh
supporting 62 hosts
/29 255.255.255.248 11111111.11111111.11111111.11111000 32 6 each.
nnnnnnnn.nnnnnnnn.nnnnnnnn.nnnnnnhh
/30 255.255.255.252 11111111.11111111.11111111.11111100 64 2
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 20
Subnet a Slash 16 and a Slash 8 Prefix: Create Subnets with a Slash 16 prefix
• In a situation requiring a larger
Prefix Length Subnet Mask Network Address (n = network, h = host) # of subnets # of hosts
number of subnets, an IPv4 /17 255.255.128.0
nnnnnnnn.nnnnnnnn.nhhhhhhh.hhhhhhhh
2 32766
11111111.11111111.10000000.00000000
network is required that has nnnnnnnn.nnnnnnnn.nnhhhhhh.hhhhhhhh
more hosts bits available to /18 255.255.192.0 11111111.11111111.11000000.00000000 4 16382

borrow. /19 255.255.224.0


nnnnnnnn.nnnnnnnn.nnnhhhhh.hhhhhhhh
11111111.11111111.11100000.00000000 8 8190

• For example, the network /20 255.255.240.0


nnnnnnnn.nnnnnnnn.nnnnhhhh.hhhhhhhh
16 4094
11111111.11111111.11110000.00000000
address 172.16.0.0 has a /21 255.255.248.0
nnnnnnnn.nnnnnnnn.nnnnnhhh.hhhhhhhh
32 2046
11111111.11111111.11111000.00000000
default mask of 255.255.0.0, nnnnnnnn.nnnnnnnn.nnnnnnhh.hhhhhhhh
or /16. /22 255.255.252.0 11111111.11111111.11111100.00000000 64 1022

nnnnnnnn.nnnnnnnn.nnnnnnnh.hhhhhhhh
• This address has 16 bits in the /23 255.255.254.0 11111111.11111111.11111110.00000000 128 510

network portion and 16 bits in /24 255.255.255.0


nnnnnnnn.nnnnnnnn.nnnnnnnn.hhhhhhhh
11111111.11111111.11111111.00000000 256 254

the host portion. /25 255.255.255.128


nnnnnnnn.nnnnnnnn.nnnnnnnn.nhhhhhhh
512 126
11111111.11111111.11111111.10000000
• The 16 bits in the host portion nnnnnnnn.nnnnnnnn.nnnnnnnn.nnhhhhhh
/26 255.255.255.192 1024 62
are available to borrow for 11111111.11111111.11111111.11000000
nnnnnnnn.nnnnnnnn.nnnnnnnn.nnnhhhhh
creating subnets. /27 255.255.255.224 11111111.11111111.11111111.11100000 2048 30

• The table highlights all the /28 255.255.255.240


nnnnnnnn.nnnnnnnn.nnnnnnnn.nnnnhhhh
11111111.11111111.11111111.11110000 4096 14

possible scenarios for /29 255.255.255.248


nnnnnnnn.nnnnnnnn.nnnnnnnn.nnnnnhhh
8192 6
11111111.11111111.11111111.11111000
subnetting a /16 prefix. nnnnnnnn.nnnnnnnn.nnnnnnnn.nnnnnnhh
/30 255.255.255.252 © 2016 Cisco and/or its affiliates. All rights reserved. 16384
11111111.11111111.11111111.11111100 Cisco Confidential 2 21
Subnet a Slash 16 and a Slash 8 Prefix: Create 100 Subnets with a Slash 16 prefix
Consider a large enterprise that requires at least 100 subnets
and has chosen the private address 172.16.0.0/16 as its
internal network address.
• When borrowing bits from a /16 address, start borrowing bits
in the third octet, going from left to right. Borrow a single bit at
a time until the number of bits necessary to create 100
subnets is reached.
• The figure displays the number of subnets that can be created
when borrowing bits from the third octet and the fourth octet.
• Notice there are now up to 14 host bits that can be borrowed
(i.e., last two bits cannot be borrowed).
• To satisfy the requirement of 100 subnets for the
enterprise, 7 bits (i.e., 27 = 128 subnets) would need to be
borrowed (for a total of 128 subnets).
• the subnet mask must change to reflect the borrowed bits. In
this example, when 7 bits are borrowed, the mask is extended
7 bits into the third octet. In decimal, the mask is represented
as 255.255.254.0, or a /23 prefix, because the third octet is
11111110 in binary, and the fourth octet is 00000000 in binary.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 22
Subnet a Slash 16 and a Slash 8 Prefix: Create 100 Subnets with a Slash 16 prefix
This figure shows the resulting subnets, from 172.16.0.0/23 up
to 172.16.254.0/23.
After borrowing 7 bits for the subnet, there is 1 host bit remaining in
the third octet, and there are 8 host bits remaining in the fourth octet,
for a total of 9 bits not borrowed, resulting in 2 9=512 total host
addresses.
The first address is reserved for the network address, and the last
address is reserved for the broadcast address, so subtracting for
these two addresses(29 - 2) leaves 510 available host addresses for
each /23 subnet.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 23
Subnet a Slash 16 and a Slash 8 Prefix: Create 1000 Subnets with a Slash 8 prefix
Consider a small ISP that requires 1000 subnets for its clients using network
address 10.0.0.0/8 which means there are 8 bits in the network portion and 24
host bits available to borrow toward subnetting. Therefore, the small ISP will
subnet the 10.0.0.0/8 network
• The figure displays the number of subnets that can be created when
borrowing bits from the second and third.
• Notice there are now up to 22 host bits that can be borrowed (i.e., last
two bits cannot be borrowed).
• To satisfy the requirement of 1000 subnets for the enterprise, 10 bits (i.e.,
210=1024 subnets) would need to be borrowed (for a total of 1024 subnets)
showing the network address
and the resulting subnet mask,
which converts to 255.255.192.0,
or 10.0.0.0/18.

Borrowing 10 bits to create


the subnets leaves 14 host
bits for each subnet.
Subtracting 2 hosts per
subnet (1 for the network
address and 1 for the
broadcast address) 16,382
hosts per subnet. This means
that each of the 1000 subnets
can support up to 16,382 © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 24

hosts.
Subnet to Meet Requirements: Subnet Private versus Public IPv4 Address Space
Enterprise networks will have an:
• Intranet: the internal part of a company’s network, accessible
only within the organization. Devices in the intranet use
private IPv4 addresses.
• This means the organization can use any of the private IPv4
network addresses for intranet, including the 10.0.0.0/8 prefix,
with 24 host bits and more than 16 million hosts. This also
includes subnetting on an octet boundary using a subnet mask
of /16 or /24 or any other number of prefix lengths, such as
/12, /18, /20(here, subnetting is easier and more flexible).
• DMZ: This is part of the company’s network containing
In computer networks, a DMZ, or
resources available to the internet, such as a web server.
demilitarized zone, is a physical or
Devices in the DMZ use public IPv4 addresses.
logical subnet that separates a
• This means an organization must maximize its own limited local area network (LAN) from
number of public IPv4 addresses; the network administrator other untrusted networks, usually,
must therefore subnet the network’s public address space into the public internet. DMZs are also
subnets with different subnet masks in order to minimize the known as perimeter networks or
number of unused host addresses per subnet. This is screened subnetworks.
known as variable-length subnet masking (VLSM).
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 25
Subnet to Meet Requirements: Minimize Unused Host IPv4 Addresses and Maximize Subnets
To minimize the number of unused host IPv4 addresses and maximize the number of available
subnetsThere are two considerations when planning subnets:
• The number of host addresses required for each network
• The number of individual subnets needed

Prefix Length Subnet Mask


Subnet Mask in Binary # of
# of hosts • The number of host
(n = network, h = host) subnets
addresses required
nnnnnnnn.nnnnnnnn.nnnnnnnn.nhhhhhhh
/25 255.255.255.128 11111111.11111111.11111111.10000000 2 126 in the largest
nnnnnnnn.nnnnnnnn.nnnnnnnn.nnhhhhhh
subnet determines
/26 255.255.255.192 11111111.11111111.11111111.11000000 4 62 how many bits
nnnnnnnn.nnnnnnnn.nnnnnnnn.nnnhhhhh must be left in the
/27 255.255.255.224 8 30
11111111.11111111.11111111.11100000 host portion, so the
/28 255.255.255.240
nnnnnnnn.nnnnnnnn.nnnnnnnn.nnnnhhhh
16 14 usable number of
11111111.11111111.11111111.11110000
addresses can be
nnnnnnnn.nnnnnnnn.nnnnnnnn.nnnnnhhh
/29 255.255.255.248 11111111.11111111.11111111.11111000 32 6 calculated as 2n – 2
nnnnnnnn.nnnnnnnn.nnnnnnnn.nnnnnnhh
/30 255.255.255.252 11111111.11111111.11111111.11111100 64 2

Network administrators must devise a network addressing scheme that accommodates the maximum number of
hosts for each network and the number of subnets. The addressing scheme should allow for growth in both the
number of host addresses per subnet and the total number of subnets
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 26
Subnet to Meet Requirements: Example: Efficient IPv4 Subnetting
• In this example, corporate headquarters has been
allocated a public network address of 172.16.0.0/22 (10
host bits) by its ISP providing 1,022 host addresses.

• There are five sites and therefore five internet


connections which means the organization requires 10
subnets with the largest subnet requires 40 addresses.
• The 172.16.0.0/22 network address has 10 host bits.
Because the largest subnet requires 40 hosts, the
administrator needs a minimum of 6 host bits to provide
addressing for 40 hosts. (This is determined by using the
formula 26 – 2 = 62 hosts.)
• In this case, the first 4 host bits can be used to allocate
subnets. This means 2 bits from the third octet and 2 bits
from the fourth octet will be borrowed. When 4 bits are
borrowed from the 172.16.0.0/22 network, the new prefix The subnets can be assigned to each
length is /26, with a subnet mask of 255.255.255.192. location and router-to-ISP connections
• It allocated 10 subnets with a /26 (i.e.,
255.255.255.192) subnet mask. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 27
Structured Design:IPv4 Network Address Planning
IP network planning is crucial to develop a scalable solution to an enterprise network.
• To develop an IPv4 network wide addressing scheme, you need to know how many subnets
are needed, how many hosts a particular subnet requires, what devices are part of the subnet,
which parts of your network use private addresses, and which use public, and many other
determining factors.

Examine the needs of an organization’s network usage and how the subnets will be
structured.
• Perform a network requirement study by looking at the entire network to determining how each
area will be segmented.
• Determine how many subnets are needed and how many hosts per subnet.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 28
Structured Design: Device Address Assignment

Within a network, there are different types of devices that require addresses:
• End user clients – Most use DHCP to reduce errors and burden on network support staff. IPv6
clients can obtain address information using DHCPv6 or SLAAC.
• Servers and peripherals – These should have a predictable static IP address.
• Servers that are accessible from the internet – Servers must have a public IPv4 address, most
often accessed using NAT.
• Intermediary devices – Devices are assigned addresses for network management, monitoring, and
security.
• Gateway – Routers and firewall devices are gateway for the hosts in that network.

When developing an IP addressing scheme, it is generally recommended that you have a


set pattern of how addresses are allocated to each type of device.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 29

You might also like